package com.hippoDocker.uaa.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;

import javax.sql.DataSource;
import java.util.Collections;

/**
 * @ClassName TokenConfig
 * @Description TODO token令牌配置
 * @Author tangxl
 * @Date 2022/8/9 16:11
 **/
@Configuration
public class TokenConfig {
    /**
     * JWT秘钥
     */
    private String SIGNING_KEY = "uaa";

    /**
     * 令牌存储策略
     * 暂时先使用InMemoryTokenStore，生成一个普通的令牌
     * @return
     */
    @Bean
    public TokenStore tokenStore() {
        /**
         * 内存方式生成普通令牌（短小，jwt生成的令牌会很长包含很多信息）
         * InMemoryTokenStore():默认，内存存储方式
         * JdbcTokenStore():基于JDBC的实现
         * JwtTokenStore():jwt方式，将令牌相关数据进行编码
         */
//        return new InMemoryTokenStore();
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(SIGNING_KEY); //对称秘钥。资源服务器使用该秘钥来验证
        return converter;
    }

    /**
     * 配置令牌管理
     */
//    @Bean
//    public AuthorizationServerTokenServices tokenService(ClientDetailsService clientDetailsService, TokenStore tokenStore
//            , JwtAccessTokenConverter accessTokenConverter) {
//        DefaultTokenServices service = new DefaultTokenServices();
//        service.setClientDetailsService(clientDetailsService);
//        service.setSupportRefreshToken(true);
//        service.setTokenStore(tokenStore);
//        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
//        tokenEnhancerChain.setTokenEnhancers(Collections.singletonList(accessTokenConverter));
//        service.setTokenEnhancer(tokenEnhancerChain);
//        return service;
//    }

    /**
     * 授权码存储方式
     */

//    @Bean
//    public AuthorizationCodeServices authorizationCodeServices(DataSource dataSource) {
//        return new JdbcAuthorizationCodeServices(dataSource);
//    }

}
